Reply
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
weird files in root
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2015-06-08
02:09 PM
2015-06-08
02:09 PM
weird files in root
I've just noticed. I have covered my shares and the NAS' name.
Shall I be concerned??
Shall I be concerned??
Message 1 of 6
Labels:
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2015-06-08
05:02 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2015-06-09
01:09 AM
2015-06-09
01:09 AM
Re: weird files in root
wow, that's not good.
My SSH password is long and complex. Is there anything I can check? Logs or anything?
And how do I delete those files now, they are refusing to delete. I tried by FTP and terminal. I cannot type the name so I typed rm -i * but the system comes up with an error message.
Edit: someone is definitely trying to getting in...
My SSH password is long and complex. Is there anything I can check? Logs or anything?
And how do I delete those files now, they are refusing to delete. I tried by FTP and terminal. I cannot type the name so I typed rm -i * but the system comes up with an error message.
Edit: someone is definitely trying to getting in...
Jun 9 04:23:24 xxxxxxxx sshd[18388]: Failed password for root from 182.100.67.113 port 52274 ssh2
Jun 5 09:04:10 xxxxxxxx sshd[15205]: reverse mapping checking getaddrinfo for 150.0.47.59.broad.bx.ln.dynamic.163data.com.cn failed - POSSIBLE BREAK-IN ATTEMPT!
Message 3 of 6
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2015-06-09
12:30 PM
2015-06-09
12:30 PM
Re: weird files in root
Hi all,
On a webpage I found a way to delete those files: by inode number.
List by using
then delete with
Would that work?
On a webpage I found a way to delete those files: by inode number.
List by using
ls -il
then delete with
find . -inum (the_relevant_inode_number) -exec rm -i {} \;
Would that work?
Message 4 of 6
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2015-06-09
02:15 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2015-06-09
03:41 PM
2015-06-09
03:41 PM
Re: weird files in root
Yes, does not work. Even using rm -i won't work, the system should ask me confirmation and I should be able to say "yes" to what I want but no luck.
I believe I will let my CrashPlan to complete the upload first and then I will remove those files 🙂
What I need to know is: is it safe to do? Any chance they were created by some app?
Also, I could not see a successful access by SSH on the 8th - to be honest I doubt someone was able to get in, my password is not an easy one. Besides SSH, is there anywhere else I should look for clues of someone breaking in?
I believe I will let my CrashPlan to complete the upload first and then I will remove those files 🙂
What I need to know is: is it safe to do? Any chance they were created by some app?
Also, I could not see a successful access by SSH on the 8th - to be honest I doubt someone was able to get in, my password is not an easy one. Besides SSH, is there anywhere else I should look for clues of someone breaking in?
Message 6 of 6